An internetwork is a collection of individual networks connected with intermediate networking devices that function as a single large network. Different networks can be interconnected by routers and other networking devices to create an internetwork.
A local area network (LAN) is a data network that covers a relatively small geographic area. It typically connects workstations, personal computers, printers and other devices. A wide area network (WAN) is a data communication network that covers a relatively broad geographic area. Wide area networks (WANs) interconnect LANs across telephone networks and other media; thereby interconnecting geographically disposed users.
In fixed networks, there exist solutions to fill the need to protect data and resources from disclosure, to guarantee the authenticity of data, and to protect systems from network based attacks. IPSec is one such technology by means of which security is obtained.
The IP security protocols (IPSec) provides the capability to secure communications across a LAN, across private and public wide area networks (WANs) and across the internet. IPSec can be used in different ways, such as for building secure virtual private networks, to gain a secure access to a company network (as remote access IPSec use), or to secure communication with other organisations, ensuring authentication and confidentiality and providing a key exchange mechanism. Even if some applications already have built in security protocols, the use of IPSec further enhances the security.
IPSec can encrypt and/or authenticate traffic at IP level. Traffic going in to a WAN is typically encrypted and/or authenticated and traffic coming from a WAN is decrypted and/or authenticated. IPSec is defined by certain documents, which contain rules for the IPSec architecture.
Two protocols are used to provide security at the IP layer, an authentication protocol designated by the header of the protocol, Authentication Header (AH), and a combined encryption/authentication protocol designated by the format of the packet for that protocol, Encapsulating Security Payload (ESP). Both AH and ESP are vehicles for access control based on the distribution of cryptographic keys and the management of traffic flows related to these security protocols.
Security association (SA) is a key concept in the authentication and the confidentiality mechanisms for IP. A security association is a one-way relationship between a sender and a receiver that offers security services to the traffic carried on it If a secure two-way relationship is needed, then two security associations are required.
The term IPSec connection is used in what follows in place of an IPSec bundle of one or more security associations SAs, or a pair of IPSec bundle—one bundle for each direction—of one or more security associations. This term thus covers both unidirectional and bidirectional traffic protection. There is no implication of symmetry of the directions, i.e., the algorithms and IPSec transforms used for each direction may be different.
A security association is uniquely identified by three parameters. The first one, the Security Parameters Index (SPI), is a 32-bit string assigned to this SA. The SPI is carried in AH and ESP headers to enable the receiving system to select the SA under which a received packet will be processed. IP destination address is the second parameter, which is the address of the destination end point of the SA, which may be an end user system or a network system such as a firewall or a router. The third parameter, the Security Protocol Identifier indicates whether the association is an AH or ESP security association.
Both AH and ESP support two modes used, transport and tunnel mode.
Transport mode provides protection primarily for upper layer protocols and extends to the payload of an IP packet. Typically, transport mode is used for end-to-end communication between two hosts. Transport mode may be used in conjunction with a tunnelling protocol (other than IPSec tunnelling).
Tunnel mode provides protection to the entire IP packet and is used for sending messages through more than two components. Tunnel mode is often used when one or both ends of a SA is a security gateway, such as a firewall or a router that implements IPSec. With tunnel mode, a number of hosts on networks behind firewalls may engage in secure communications without implementing IPSec. The unprotected packets generated by such hosts are tunnelled through external networks by tunnel mode SAs setup by the IPSec software in the firewall or secure router at boundary of the local network.
To achieve this, after the AH or ESP fields are added to the IP packet, the entire packet plus security fields are treated as the payload of a new outer IP packet with a new outer IP header. The entire original, or inner, packet travels through a tunnel from one point of an IP network to another no routers along the way are able to examine the inner IP packet. Because the original packet is encapsulated, the new larger packet may have totally different source and destination addresses, adding to the security. In other words, the first step in protecting the packet using tunnel mode is to add a new IP header to the packet; thus the “IP|payload” packet becomes “IP|IP|payload”. The next step is to secure the packet using ESP and/or AH. In case of ESP, the resulting packet is “IP|ESP|IP|payload”. The whole inner packet is covered by the ESP and AH protection. AH also protects parts of the outer header, in addition to the whole inner packet.
The IPSec tunnel mode operates e.g. in such a way that if a host on a network generates an IP packet with a destination address of another host on another network, the packet is routed from the originating host to a security gateway (SGW), firewall or other secure router at the boundary of the first network. The SGW filters all outgoing packets to determine the need for IPSec processing. If this packet from the first host to another host requires IPSec, the firewall performs IPSec processing involving encapsulation of the packet in an outer IP header. The source IP address of this outer IP packet is this firewall and the destination address may be a firewall that forms the boundary to the other local network. This packet is now routed to the other host's firewall with intermediate routers examining only the outer IP header. At the other host firewall, the outer IP header is stripped off and the inner packet is delivered to the other host.
ESP in tunnel mode encrypts and optionally authenticates the entire inner IP packet, including the inner IP header. AH in tunnel mode authenticates the entire inner IP packet and selected fields of the outer IP header.
The key management portion of IPSec involves the determination and distribution of secret keys. The default automated key management protocol for IPSec is referred to as ISAKMP/Oakley and consists of the Oakley key determination protocol and Internet Security Association and Key Management Protocol (ISAKMP). Internet Key Exchange (IKE) is a newer name for the ISAKMP/Oakley. IKE is based on the Diffie-Hellman key exchange algorithm, and supports RSA signature authentication among other modes. IKE is easily extensible for future and vendor-specific features without breaking backwards compatibility.
The IPSec protocol solves the known security problems of the Internet Protocol (IP) in a satisfactory manner. However, it is designed for a static Internet, where the hosts using IPSec are relatively static. Thus, IPSec does not work well with mobile devices.
For instance, if a mobile terminal moves from one network to another, an IPSec connection set up is required, typically using the IKE key exchange protocol. Such a set up is expensive in terms of latency, since IKE may require several seconds to complete. It is also expensive in terms of computation, because the Diffie-Hellman and authentication-related calculations of IKE are extremely time consuming.
Routing means moving information across an internetwork from one source to another. Along the way, usually at least one intermediate node is encountered. Routing involves both the determination of the optimal routing path and the transport of information packets. To aid the routing of information packets, routing algorithms initialise and maintain routing tables, which contain route information. Routers communicate with each other and maintain their routing tables through the transmission of a variety of messages. The routing update message is one such message that generally consists the whole or part of a routing table.
The fundamental problem with IP mobility is the fact that IP routing is based on fixed addresses. The address space has been divided into subnetworks, that reside in practically fixed locations with respect to network topology (the routing can be changed, but that is a slow process, possibly in the order of minutes). When a mobile host moves away from its home network (where its IP address is proper), there is a problem with the routing of the packets to the new location if the IP network in question does not support such movement.
In this text, the term mobility and mobile terminal does not only mean physical mobility, instead the term mobility is in the first hand meant moving from one network to another, which can be performed by a physically fixed terminal as well.
Standard Mobile IP for IPv4 utilises e.g. IP-IP and Generic Routing Encapsulation (GRE) tunnelling to overcome this problem (See more details in FIG. 1 with accompanying text). There are also other methods of tunnelling, and hence, IP-IP and GRE tunnelling are used only as examples in this text. Mobile IPv4 has two modes of operation. In the co-located care-of address mode the mobile terminal performs IP-IP encapsulation and decapsulation. This mode requires a borrowed address—the co-located care-of address—from the visited network. The other mode is the foreign agent mode, where the IP-IP or other tunnelling is performed by a special host in the visited network, called the Foreign Agent (FA). The mobile terminal communicates directly with the FA (an IP address is not required for this direct communication), and does not require a borrowed address in this mode.
In IP-IP tunnelling, an IP address (the so called co-located care-of address) is borrowed from a network being visited. This address is topologically correct, i.e. routable from other parts of the network. When a mobile terminal needs to send a packet to a given target computer, it first constructs an IP packet, whose source address is its home address, i.e. the address that is not topologically correct in the new network, and whose destination address is the target computer.
Since this packet may not be directly routable, it is encapsulated into another IP packet (by so called IP-IP encapsulation, or IP-IP tunnelling). The source address of this IP packet is the care-of address, and the target address is the so called home server of the mobile terminal. Upon receiving such an encapsulated packet, the home server unwraps the IP-IP tunnel, and proceeds to route the packet, which was inside the encapsulation.
Reverse packets from the target computer to the mobile terminal are handled similarly; the packet is first routed to the home server, then encapsulated in IP-IP and delivered to the current network the mobile terminal is in. The current mobility binding determines which current care-of address matches a given home address. (There may also be so-called simultaneous bindings, in which case the home address matches a set of care-of addresses; the packet is encapsulated and sent to each care-of address separately.)
When the mobile terminal moves to a new network, an authenticated signalling message exchange is done between the mobile terminal and the home server. A Registration Request is sent by the mobile terminal to the home server, requesting an update of the current mobility binding. The server responds using a Registration Reply that may either accept or deny the request. When the Foreign Agent mode of operation is used, the registration messages go through the Foreign Agent.
IP version 4 (IPv4) is the currently widely deployed Internet Protocol version. Its major disadvantage is the small number of unique, public IP addresses. IP version 6 (IPv6) has a much larger address space, which fixes the most important IPv4 problem known today. IPv6 also changes some other things in the Internet Protocol, for example, how fragmentation of packets is done, but these changes are quite small. Most protocols have separate definitions on how they are used within the IPv4 and the IPv6 context. For instance, there are separate versions of IPSec and Mobile IP for use with IPv4 and IPv6. However, such modifications to protocols are quite small, and do not usually change the essentials of the protocols significantly.
The IPSec protocol solves the known security problems of the Internet Protocol (IP) in a satisfactory manner. However, it is designed for a static Internet, where the hosts using IPSec are relatively static. Thus, IPSec does not work well with mobile devices. For instance, if a mobile terminal moves from one network to another, an IPSec connection set up is required, typically using the IKE key exchange protocol. Such a set up is expensive in terms of latency, since IKE may require several seconds to complete. It is also expensive in terms of computation, because the Diffie-Hellman and authentication-related calculations of IKE are extremely time consuming.
The above description presents the essential ideas of Mobile IP.
The mobile IP approach of prior art has some disadvantages and problems.
The standard Mobile IP protocol provides a mobile terminal with a mobile connection, and defines mechanisms for performing efficient handovers from one network to another. However, Mobile IP has several disadvantages. The security of Mobile IP is very limited. The mobility signalling messages are authenticated, but not encrypted, and user data traffic is completely unprotected. Also, there is no key exchange mechanism for establishing the cryptographic keys required for authenticating the mobility signalling. Such keys need to be typically distributed manually. In the manual prior art key management, the signalling authentication mechanism requires the mobile host and the home server to share a secret authentication key and the distribution of that key, which is carried out manually, is not very practical. Finally, the current Mobile IP protocol does not define a method for working through Network Address Translation (NAT) devices.
Said problem with Network Address Translation (NAT) devices, even if NAT devices are able to translate addresses of private networks in messages to public IP addresses so that the messages can be sent through internet, is, however, that currently no standard for making Mobile IP work through NAT devices. NAT devices are widely deployed because the use of private addresses requires less public IP addresses than would otherwise be needed.